256 matches found
fail2ban DoS
It's possible to trigger a block for arbitrary client...
Fedora 19 : fail2ban-0.8.10-1.fc19 (2013-10742)
Fail2Ban 0.8.10 addresses a possible remote denial of service attack when using the supplied apache- filters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora 17 : fail2ban-0.8.10-1.fc17 (2013-10830)
Fail2Ban 0.8.10 addresses a possible remote denial of service attack when using the supplied apache- filters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora 18 : fail2ban-0.8.10-1.fc18 (2013-10806)
Fail2Ban 0.8.10 addresses a possible remote denial of service attack when using the supplied apache- filters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Medium: fail2ban
Issue Overview: The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request. Affected Packages:...
[ MDVSA-2013:191 ] fail2ban
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:191 http://www.mandriva.com/en/support/security/ Package : fail2ban Date : July 2, 2013 Affected: Business Server 1.0 Problem Description: Updated fail2ban packages fix CVE-2013-2178 Krzysztof...
Mandriva Linux Security Advisory : fail2ban (MDVSA-2013:191)
Updated fail2ban packages fix CVE-2013-2178 Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper...
Fedora Update for fail2ban FEDORA-2013-10830
Check for the Version of fail2ban OpenVAS Vulnerability Test Fedora Update for fail2ban FEDORA-2013-10830 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for fail2ban FEDORA-2013-10830
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for fail2ban FEDORA-2013-10806
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for fail2ban FEDORA-2013-10806
Check for the Version of fail2ban OpenVAS Vulnerability Test Fedora Update for fail2ban FEDORA-2013-10806 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
MGASA-2013-0192 Updated fail2ban packages fix CVE-2013-2178
Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...
Updated fail2ban packages fix CVE-2013-2178
Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...
[SECURITY] Fedora 19 Update: fail2ban-0.8.10-1.fc19
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/errorlog and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. To use the hostsdeny and shorewall actions you must install tcpwrappers and shorewall respectively...
[SECURITY] Fedora 18 Update: fail2ban-0.8.10-1.fc18
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/errorlog and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. To use the hostsdeny and shorewall actions you must install tcpwrappers and shorewall respectively...
[SECURITY] Fedora 17 Update: fail2ban-0.8.10-1.fc17
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/errorlog and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. To use the hostsdeny and shorewall actions you must install tcpwrappers and shorewall respectively...
Debian DSA-2708-1 : fail2ban - denial of service
Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...
[SECURITY] [DSA 2708-1] fail2ban security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2708-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez June 16, 2013 http://www.debian.org/security/faq -...
DSA-2708-1 fail2ban - denial of service
Bulletin has no description...
Debian Security Advisory DSA 2708-1 (fail2ban - denial of service)
Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...